Do you have a reference to sources or requirements documents saying that the plants must tolerate a malicious actor in control of the computerized parts of a plant, control rooms and supporting infrastructure? This sounds like quite a hard problem to solve.
Safety, meaning defense against accidental events, is in some respects much easier than defense against malicious events. Diversity and redundancy for example are much less effective: failure comes, not from a coincidence of two very unlikely failures, but from the adversary just successfully attacking an additional subsystem in a workflow of several attacks.
Diversity and parallel principles are more general than cybersecurity. If the design is properly implemented, complete failure in one subsystem (even intentional) is not going to cause a catastrophe. All the attacker can do is to trigger controlled shutdown from analog subsystems.
Different countries have different safety requirements for nuclear power plants, all plants are not necessarily equally secure. Safety is expensive to implement and manufacturers provide different choices.
I'm sure we agree but a caveat like "if properly implemented" is quite a big one to make in this business - bad stuff happens largely because of implementation bugs. And we don't know how to eliminate implementation bugs. And this is one reason why we see successful attacks on systems with multiple "sound if properly implemented" levels of security.
I remember reading elsewhere that bad stuff happens largely because of incomplete or conflicting requirements, and that implementation bugs are secondary. My own experience confirms this, even though I usually deal with systems where a problem at worst results in lost sales / orders and thus sloppy coding and implementation bugs are much more common.
Makes me wonder how well-polished the requirements analysis for (nuclear) power plant software is...
There is no perfect security. What I mean is that if you design a plant in a way that it's not relying on cybersecurity measures or digital automation for its nuclear safety and security, it's secure from cyberattacks.
We know how to eliminate almost all implementation bugs. I hope nuclear power plants are one of the areas where people are willing to pay for that level of correctness.